Microsoft Events presents a session on security and governance for AI agents built on Microsoft Copilot platforms, featuring Shaun Van Staden and practical strategies using Zenity’s platform.

Securing the AI Agents with Zenity and Microsoft

Speaker: Shaun Van Staden Event: Microsoft Ignite 2025 | ODSP1461

Overview

As the deployment of AI agents continues to scale across platforms like Microsoft 365 Copilot, Copilot Studio, and Microsoft Foundry, robust defense-in-depth strategies have become essential. This session highlights practical approaches to securing AI agents and outlines how the Zenity platform integrates with Microsoft’s security suite to offer enhanced observability, governance, risk mitigation, and compliance.

Key Topics Covered

• Protection Against Threats:

  • Safeguarding AI agents from both external and insider threats.
  • Addressing vulnerabilities specific to multi-agent environments.

• Governance and Hardening:

  • Methods for adding governance and hardening agent vulnerabilities through posture management tools.
  • Best practices to align with organizational security policies.

• Integration with Microsoft Security:

  • Leveraging new observability and control hooks in Copilot Studio, leveraging the OWASP Agent standard.
  • Using Zenity’s unified platform to complement and extend Microsoft-native controls.

• Threat Visualization:

  • Application of threat graphs to visualize agent environments and analyze permissions.

• Activity and Response:

  • Reviewing runtime activity and agent actions to maintain ongoing detection and response.
  • Inline prevention mechanisms to block malicious behavior in real time.

• Responsible Governance and Compliance:

  • Establishing policies for responsible AI governance, risk mitigation, and regulatory compliance across Microsoft AI ecosystems.

Practical Takeaways

• How to integrate Zenity’s platform with Microsoft security tools for comprehensive protection.
• Ways to use observability and activity monitoring features to improve agent security posture.
• Strategies to meet compliance requirements while enabling agility in agent development.

References

• Microsoft Ignite Sessions

Session aired in English (US). Part of the Microsoft Ignite 2025 program.

Chapters Recap

1. Agents Require Protection from External and Insider Threats
2. Adding Governance and Hardening Agent Vulnerabilities
3. Observability and Control Hooks for Copilot Studio (OWASP Agent standard)
4. Threat Graph Visualization
5. Runtime Activity and Agent Actions
6. Conclusion: Securing AI Agents with Zenity and Microsoft